Social Icons

Sunday, February 06, 2011

Win32.Hlux : January 2011 " King of worms"


1.   Email-Worm.Win32.Hlux was talk of the E-town in January across the webosphere. This mail worm spreads via emails containing malicious links that prompt users to install a bogus Flash Player, supposedly to view an e-card. The link leads to a dialog window that asks if the user agrees to download a file. Irrespective of the response, the worm sets about to penetrate the system. In addition to propagating via email, Hlux also has bot functionality and adds infected computers to a botnet before connecting to its command center and executing its commands, which are primarily directed at sending pharmaceutical spam.

2.   Kaspersky Lab also detected a Trojan dropper masquerading as a key generator for the company's products. The old adage "There's no such thing as a free lunch" is particularly fitting here as the dropper goes on to install and launch two malicious programs. One of them steals program registration data and passwords for online games. The second is a backdoor that also has keylogger functionality.

3.   Kaspersky Lab also found the mass distribution of malicious short links on Twitter. After a number of redirects, the attention-grabbing links led users to a page promoting a rogue AV program.

4.   Apart from these two hardworkers(?????..i mean mal hardworkers) in january,the other shining star in the E-crime world is AdWare.Win32.WhiteSmoke.a which if clicked, will download a program that demands payment to rectify errors it supposedly detects on the system.

5.   More detailed report on http://www.kaspersky.com

0 comments:

Post a Comment